Implement OAuth flows, JWT middleware, MFA, and role-based access control.
83 skills found
Page 1 of 4
Use when reviewing code for security vulnerabilities, implementing authentication flows, auditing OWASP Top 10, configuring CORS/CSP headers, handling secrets, input validation, SQL injection prevention, XSS protection, or any security-related code review.
Digital identity, authentication, and trust for AI agents. Verify who an agent is, prove your own identity, sign skills to prove authorship, send encrypted m...
Manage Jira issues on self-hosted or enterprise Jira instances using Personal Access Tokens in SSO/SAML environments where Basic Auth fails.
Manage Tailscale tailnet via CLI and API. Use when the user asks to "check tailscale status", "list tailscale devices", "ping a device", "send file via tailscale", "tailscale funnel", "create auth key", "check who's online", or mentions Tailscale network management.
Interact with the Calendar Bridge — a self-hosted Node.js service that provides a persistent REST API for Google Calendar events. Handles OAuth token auto-re...
Enables secure remote access to a browser on your server for manual tasks like logins, 2FA, and captchas via a protected URL.
Download YouTube videos by URL in various resolutions using a pay-per-use API with credit-based authentication and no charge on failed downloads.
rbwSecurely interact with Bitwarden/Vaultwarden vaults using rbw CLI. Use when retrieving credentials, managing vault items, or integrating secrets into scripts...
Use this skill for any operation with the Indices CLI — authentication, tasks, runs, and secrets.
gws CLI: Shared patterns for authentication, global flags, and output formatting.
Set up Gmail API access via gog CLI with manual OAuth flow. Use when setting up Gmail integration, renewing expired OAuth tokens, or troubleshooting Gmail authentication on headless servers.
Use when 需要理解紫鸟单点登录 OpenAPI 的定位、能力、集成流程或接口清单, 用于 ERP 系统 SSO 对接规划、集成设计或接口评估。 不要用于直接查阅具体接口参数——查阅时读取 reference/ 下对应文件。
Permissions, roles, policies, and enforcement points. Use when designing RBAC/ABAC or fixing authZ holes.
Automate OAuth login flows with user confirmation via Telegram. Supports 7 providers: Google, Apple, Microsoft, GitHub, Discord, WeChat, QQ. Features: - Auto-detect available OAuth options on login pages - Ask user to choose via Telegram when multiple options exist - Confirm before authorizing - Handle account selection and consent pages automatically
Self-hosted auth for TypeScript/Cloudflare Workers with social auth, 2FA, passkeys, organizations, RBAC, and 15+ plugins. Requires Drizzle ORM or Kysely for D1 (no direct adapter). Self-hosted alternative to Clerk/Auth.js. Use when: self-hosting auth on D1, building OAuth provider, multi-tenant SaaS, or troubleshooting D1 adapter errors, session caching, rate limits, Expo crashes, additionalFields bugs.
Build secure authentication with sessions, JWT, OAuth, passwordless, MFA, and SSO for web and mobile apps.
Implement OAuth 2.0 and OpenID Connect flows securely.
Test authentication and session management controls for bypass and account takeover scenarios.
Implement secure JWT authentication with proper validation and token handling.
Zoho People API integration with managed OAuth. Manage employees, departments, designations, attendance, leave, and arbitrary Zoho People forms (including cu...
Agent verification via ClawX OAuth system. Use when checking agent verification status, embedding verification widgets, or working with agent identity/trust tiers.
OAuth token refresh management for Google APIs via gog CLI.
Build secure access control with RBAC, ABAC, permissions, policies, and scope-based authorization.
Guide to implement secure API practices including authentication, authorization, input validation, rate limiting, and protection against common API vulnerabi...